CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Schneider Electric 1Easergy Builder Nov 21, 2024 Jul 23, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to compromise a user account. |
1Schneider Electric 1Easergy Builder Nov 21, 2024 Jul 23, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A CWE-20: Improper input validation vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to modify project configuration files. |
1Schneider Electric 1Easergy Builder Nov 21, 2024 Jul 23, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to read user credentials. |
1Schneider Electric 1Easergy Builder Nov 21, 2024 Jul 23, 2020 N/A· v4 7.8 HIGH· v3 2.1 LOW· v2 A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials. |
1Schneider Electric 1Easergy Builder Nov 21, 2024 Jul 23, 2020 N/A· v4 7.8 HIGH· v3 2.1 LOW· v2 A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password. |
1Schneider Electric 1Easergy Builder Nov 21, 2024 Jul 23, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker access to the authorization credentials for a device and gain...Show more |